17 matches found
MAL-2024-9041 Malicious code in dx-hotels-ui (npm)
Source: ghsa-malware (757cbf55b30ccb4cbbf7c26afbc8eb1493280155f0ae8578700044d07a611f5c). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-1323 Malicious code in @socialdeal/uikit-whitelabel (npm)
Source: ossf-package-analysis (d53c0749d21786a6b7eeea319c37d26573f1ded671dc9cbed9e4508d9b65a2c0). The OpenSSF Package Analysis project identified '@socialdeal/uikit-whitelabel' @ 999.100.1 (npm) as malicious. It is considered malicious because:...
Exploit for Embedded Malicious Code in Tukaani Xz
CVE-2024-3094-Vulnerabity-Checker Verify that your XZ Utils ve...
LinkedIn introduces new security features to combat fake accounts
LinkedIn knows it has a problem with bots and fake accounts, and has acknowledged this on more than one occasion. For years, it has been aware of spam, fake job offers, phishing, fraudulent investments, and at times malware, and has been trying to combat those issues. In 2018, LinkedIn rolled out...
Hotel staff bust Hermes SMS scammer with suspiciously large number of cables
If you’re in the UK, you’ve likely received a fake delivery SMS at this point. The original big driver for this over the pandemic was a non-stop wave of Royal Mail phishing scams. As that article mentions, most if not all of our interactions with organisations are done by mobile. I receive medical...
Over a Dozen Chrome Extensions Caught Hijacking Google Search Results for Millions
New details have emerged about a vast network of rogue extensions for Chrome and Edge browsers that were found to hijack clicks to links in search results pages to arbitrary URLs, including phishing sites and ads. Collectively called "CacheFlow" by Avast, the 28 extensions in question — including...
DeepBlueCLI - a PowerShell Module for Threat Hunting via Windows Event Logs
Eric Conrad, Backshore Communications, LLC; deepblue at backshore dot net; Twitter: @ericconrad; http://ericconrad.com. Sample evtx files are in the .\evtx directory. Usage: .\DeepBlue.ps1; see the Set-ExecutionPolicy Readme if...
What’s So Dangerous About Spear Phishing?
Spear phishing is one of the most common and most effective cyberattack vectors seen today. Delivered through email, spear phishing campaigns aim either to infect devices with malware, or to steal important information—like credentials and bank numbers. Spear phishing is targeted at specific grou...
How New Passive Network Sensor Boosts Platform Capabilities
Black Hat attendees got a peek at Qualys Passive Network Sensor (PNS), a product that amplifies the already comprehensive IT asset visibility Qualys provides to its customers. By adding real-time network analysis to Qualys’ versatile set of sensors, PNS eliminates blind spots across IT environments...
How To Catch a Cheater
You have observed your partner and noticed some significant changes in behavior. They are more secretive about using their phone; they are working late or on the weekend; or they are not connecting with you like they used to. Do you have a cheater in the house? How can you find out? There are som...
4 steps for improving employee trust while securing them
Earlier this month we held our quarterly Cybercrime Tactics and Techniques Q2 2017 webinar. This event gave thousands of security practitioners and leaders a chance to learn about the latest analysis of threats Malwarebytes Labs has seen around the globe. In case you missed it, you can watch an...
LocalTapiola: Suspicious browser fingerprinting(?) scripts on http://www.lahitapiola.fi/ redirector
I was doing some routine scanning of my Internet traffic at work (I work as a Security Researcher for Forcepoint) and noticed that my IDS popped up alarms of a ton of suspicious behaviour when I was trying to access http://www.lahitapiola.fi/ front page. It turned out that there seems to be a lot o...
Packet Capture Generator for IDS: Sniffles
Packet Capture Generator for IDS and Regular Expression Evaluation. Sniffles is a tool for creating packet captures that will test IDS that use fixed patterns or regular expressions for detecting suspicious behavior. Sniffles works very simply. It takes a set of regular expressions or rules and...
DAMM - Differential Analysis of Malware in Memory
An open source memory analysis tool built on top of Volatility. It is meant as a proving ground for interesting new techniques to be made available to the community. These techniques are an attempt to speed up the investigation process through data reduction and codifying some expert knowledge...
Google Adds Feature to Keep Malware Out of Chrome Web Store
Google is adding more security controls to its browser-based Chrome Web Store by adding a new application-vetting feature called ‘Enhanced Item Validation.’ For all intents and purposes, the search giant claims that the new policy will only impact application developers in that they will have to...
Facebook Apps Promise Change but In Reality Phish Your Information
Spammy Facebook apps are nothing new; the web giant has been dealing with apps that behave suspiciously since the website launched the Facebook Platform for developers in 2007. As an open source app development tool, anyone can create an app, including people who really just want to steal your...
Potential attack vector using attachments
Suspicious handling of attachment uploads with filenames containing quotes (the quoted ended up being repeated) and semicolons (semicolon and all subsequent characters were stripped from filename)...